Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/ihQexg5HSRQHfyeVsCEptELNH9E.roa
File: ihQexg5HSRQHfyeVsCEptELNH9E.roa (raw, json)
Hash identifier: iktQ424E+0aLbSuMUdgCzSdn1h9tHIHNmHvk5s6TqU0=
Subject key identifier: 8A:14:1E:C6:0E:47:49:14:07:7F:27:95:B0:21:29:B4:42:CD:1F:D1
Certificate issuer: /CN=01825c7a9e2701b6ba3670d08d2a10a9ea15d3e3
Certificate serial: 018A403C782596E31C209D6D1EE92E826733
Authority key identifier: 01:82:5C:7A:9E:27:01:B6:BA:36:70:D0:8D:2A:10:A9:EA:15:D3:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYJcep4nAba6NnDQjSoQqeoV0-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/ihQexg5HSRQHfyeVsCEptELNH9E.roa
Signing time: Tue 29 Aug 2023 07:40:19 +0000
ROA not before: Tue 29 Aug 2023 07:40:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207065
IP address blocks: 185.119.128.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:3c:78:25:96:e3:1c:20:9d:6d:1e:e9:2e:82:67:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01825c7a9e2701b6ba3670d08d2a10a9ea15d3e3
Validity
Not Before: Aug 29 07:40:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a141ec60e474914077f2795b02129b442cd1fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2f:d6:7b:8f:ed:bb:33:b3:83:e0:fd:04:92:
7b:46:22:fb:35:05:ba:76:b0:90:95:2a:17:8b:56:
d8:fa:9e:70:98:54:84:b4:4f:16:8c:1b:12:2c:8f:
32:7e:1b:d2:3a:e9:7d:20:ea:ea:5a:0f:e5:9a:bc:
d7:b9:d8:35:dc:50:43:f7:56:36:23:07:c0:09:4f:
75:a7:7a:ed:87:b6:5a:bc:b2:f5:05:5a:79:c4:be:
d6:f3:7f:b0:dd:4a:b9:41:c1:37:4f:02:55:1b:90:
d1:f2:a4:d2:6d:cc:80:d9:ab:cc:87:13:72:f4:2f:
09:99:62:0c:08:ca:e6:cf:16:38:9f:91:e2:0b:7e:
7c:e2:d1:6e:0e:c0:8e:c2:d2:67:f7:07:7b:16:57:
24:3a:32:99:b1:6f:38:b9:3f:44:1b:26:07:bf:10:
af:e3:69:00:3b:8c:41:11:73:9e:91:82:2e:39:8a:
6b:1c:24:73:f5:0f:66:ea:2d:4c:8f:c4:92:30:2a:
b6:2e:3b:b6:be:80:75:f3:75:62:35:7a:06:4e:9b:
ca:59:d1:85:40:37:f9:eb:4f:f0:57:86:c5:0c:43:
43:d6:af:9b:38:09:c7:7c:fe:f9:48:24:aa:cf:17:
d8:9e:1e:4d:bc:0d:15:97:55:63:a0:f8:21:1d:88:
86:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:14:1E:C6:0E:47:49:14:07:7F:27:95:B0:21:29:B4:42:CD:1F:D1
X509v3 Authority Key Identifier:
keyid:01:82:5C:7A:9E:27:01:B6:BA:36:70:D0:8D:2A:10:A9:EA:15:D3:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYJcep4nAba6NnDQjSoQqeoV0-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/ihQexg5HSRQHfyeVsCEptELNH9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/79ac03-dc6a-40c0-82cb-8f10d5b96fd4/1/AYJcep4nAba6NnDQjSoQqeoV0-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.128.0/22
Signature Algorithm: sha256WithRSAEncryption
64:28:a9:66:63:18:16:c9:a4:58:6d:6b:93:c9:75:91:7f:dc:
90:4e:d6:56:21:97:d8:1c:03:da:03:9d:4e:e5:4f:a5:31:3b:
45:5a:d5:70:12:19:45:19:26:db:3d:f8:80:76:44:d9:98:d1:
a3:41:b5:81:c1:cf:23:b6:93:d0:e3:0c:fb:4f:f2:4c:2c:9c:
d8:90:49:f8:be:20:57:18:91:01:cd:cf:d2:ab:f4:57:68:67:
f9:e9:68:dc:b1:f0:7e:67:40:33:c1:a9:c6:7a:e7:72:cb:f5:
2e:0e:b6:cf:63:bd:ef:d6:f1:fd:5b:54:dd:f6:f2:27:a1:54:
3e:d1:f6:ed:76:58:ce:6b:8e:51:bb:22:8a:ea:00:5d:7a:29:
6f:19:91:e2:9b:a6:f1:c7:90:f6:ee:74:53:6d:29:e4:ab:12:
11:7b:da:98:1e:20:11:a5:01:9a:20:07:fc:95:28:c8:d5:ec:
a4:4d:d6:fe:a8:64:7b:a8:1d:be:2d:75:90:0a:8c:34:fa:4c:
52:79:04:6f:18:f4:f5:24:7b:50:6a:81:0b:58:0e:ff:83:3a:
3d:b9:50:28:db:8b:e5:08:d5:11:d2:f9:f9:b5:3b:89:f7:75:
87:99:fa:f9:c6:7a:cb:26:b5:8f:24:01:5f:1f:a8:8e:eb:58:
5e:91:c0:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpAPHglluMcIJ1tHukugmczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxODI1YzdhOWUyNzAxYjZiYTM2NzBkMDhkMmExMGE5ZWEx
NWQzZTMwHhcNMjMwODI5MDc0MDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTE0MWVjNjBlNDc0OTE0MDc3ZjI3OTViMDIxMjliNDQyY2QxZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAii/We4/tuzOzg+D9BJJ7RiL7NQW6
drCQlSoXi1bY+p5wmFSEtE8WjBsSLI8yfhvSOul9IOrqWg/lmrzXudg13FBD91Y2
IwfACU91p3rth7ZavLL1BVp5xL7W83+w3Uq5QcE3TwJVG5DR8qTSbcyA2avMhxNy
9C8JmWIMCMrmzxY4n5HiC3584tFuDsCOwtJn9wd7FlckOjKZsW84uT9EGyYHvxCv
42kAO4xBEXOekYIuOYprHCRz9Q9m6i1Mj8SSMCq2Lju2voB183ViNXoGTpvKWdGF
QDf560/wV4bFDEND1q+bOAnHfP75SCSqzxfYnh5NvA0Vl1VjoPghHYiGJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoUHsYOR0kUB38nlbAhKbRCzR/RMB8GA1UdIwQY
MBaAFAGCXHqeJwG2ujZw0I0qEKnqFdPjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVlKY2VwNG5BYmE2Tm5EUWpTb1FxZW9WMC1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS83OWFjMDMtZGM2YS00MGMwLTgyY2It
OGYxMGQ1Yjk2ZmQ0LzEvaWhRZXhnNUhTUlFIZnllVnNDRXB0RUxOSDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS83OWFjMDMtZGM2YS00MGMwLTgyY2ItOGYxMGQ1Yjk2ZmQ0
LzEvQVlKY2VwNG5BYmE2Tm5EUWpTb1FxZW9WMC1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXeAMA0G
CSqGSIb3DQEBCwUAA4IBAQBkKKlmYxgWyaRYbWuTyXWRf9yQTtZWIZfYHAPaA51O
5U+lMTtFWtVwEhlFGSbbPfiAdkTZmNGjQbWBwc8jtpPQ4wz7T/JMLJzYkEn4viBX
GJEBzc/Sq/RXaGf56WjcsfB+Z0AzwanGeudyy/UuDrbPY73v1vH9W1Td9vInoVQ+
0fbtdljOa45RuyKK6gBdeilvGZHim6bxx5D27nRTbSnkqxIRe9qYHiARpQGaIAf8
lSjI1eykTdb+qGR7qB2+LXWQCow0+kxSeQRvGPT1JHtQaoELWA7/gzo9uVAo24vl
CNUR0vn5tTuJ93WHmfr5xnrLJrWPJAFfH6iO61hekcD5
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:12 2025 by rpki-client